Below you will find Guidelines similar in nature to that of the Fedora [https://fedoraproject.org/wiki/Packaging:Guidelines Packaging Guidelines] but catered towards the concept of Containers. Initially Fedora will be targeting the [https://www.docker.com/ Docker] container implementation but there are many and others will likely be incorporated in the future.

Below you will find Guidelines similar in nature to that of the Fedora [https://fedoraproject.org/wiki/Packaging:Guidelines Packaging Guidelines] but catered towards the concept of Containers. Initially Fedora will be targeting the [https://www.docker.com/ Docker] container implementation but there are many and others will likely be incorporated in the future.

−

== General Fedora Docker Information ==

+

== General Fedora Container Information ==

In this section you will find general information about Fedora Docker Images that should be useful for Fedora Docker Layered Image Maintainers.

In this section you will find general information about Fedora Docker Images that should be useful for Fedora Docker Layered Image Maintainers.

* '''Docker Registry''' - (often referred to as just a "Registry") a service that stores and distributes Docker Images via namespaces/repositories.

* '''Fedora Generational Core''' - defined by the [[Modularity|Fedora Modularity]] effort as a part of [[BaseRuntime| the Base Runtime]] and will serve as our docker registry namespace. For all intents and purposes this will be a synonym of the Fedora Release. (Will often be noted as <code>$FGC</code>)

* '''Fedora Generational Core''' - defined by the [[Modularity|Fedora Modularity]] effort as a part of [[BaseRuntime| the Base Runtime]] and will serve as our docker registry namespace. For all intents and purposes this will be a synonym of the Fedora Release. (Will often be noted as <code>$FGC</code>)

+

+

=== Fedora Container Naming ===

+

+

A Fedora Container Layered Image name should be the same as the the name of main service that it intends to provide end users. Therefore, naming must follow the [[Packaging:NamingGuidelines|Fedora Naming Guidelines]].

+

+

Container naming as it will exist in [https://admin.fedoraproject.org/pkgdb/packages/*/?branches=&status=&owner=&namespace=docker Fedora package db] (and [Distgit http://pkgs.fedoraproject.org/cgit/docker]) should be relatively standard. None of the Fedora releases/DistGit-branch naming should be taken into consideration by the main container name, just as it is for RPM Package Naming.

+

+

Below is a reference of the [[Container:Guidelines#Registry_Layout|Registry Layout]] which will clarify how different Fedora releases are handled.

Container Maintainer Guidelines

In the Fedora world, the concept of being a Package Maintainer is well known as all the software currently released and published as an official "Build Artifact" of the Fedora Project for inclusion in the Fedora GNU/Linux distribution has always been packaged in RPM Package Manager Format.

However, as technology changes so must the Fedora Project. The concept of "containers" on Linux has become quite prominent and Fedora will be publishing container images as officially released Build Artifact. One thing to note is that container images are not a new software packaging format but more so a delivery mechanism where many different things can be easily shipped as a single unit. An example of this is packages that can be combined to deliver an easily ran "software solution".

Below you will find Guidelines similar in nature to that of the Fedora Packaging Guidelines but catered towards the concept of Containers. Initially Fedora will be targeting the Docker container implementation but there are many and others will likely be incorporated in the future.

General Fedora Container Information

In this section you will find general information about Fedora Docker Images that should be useful for Fedora Docker Layered Image Maintainers.

Vocabulary Terms

Docker Registry - (often referred to as just a "Registry") a service that stores and distributes Docker Images via namespaces/repositories.

Fedora Generational Core - defined by the Fedora Modularity effort as a part of the Base Runtime and will serve as our docker registry namespace. For all intents and purposes this will be a synonym of the Fedora Release. (Will often be noted as $FGC)

Fedora Container Naming

A Fedora Container Layered Image name should be the same as the the name of main service that it intends to provide end users. Therefore, naming must follow the Fedora Naming Guidelines.

Container naming as it will exist in Fedora package db (and [Distgit http://pkgs.fedoraproject.org/cgit/docker]) should be relatively standard. None of the Fedora releases/DistGit-branch naming should be taken into consideration by the main container name, just as it is for RPM Package Naming.

Below is a reference of the Registry Layout which will clarify how different Fedora releases are handled.

Fedora Base Image

The Fedora Base Image provides information that can be used by the Layered Images via inherited Environment Variables.

$DISTTAG is defined just as it is for RPMs, but since Dockerfiles lack a mechanism similar to RPM Macros this is being stored in the base image such that it can be inherited by layered images.

Fedora Docker Registries and Updates

In Fedora there are two Docker Registries: candidate and stable.

All Layered Image Builds end up in the candidate registry as soon as they are successful in the Docker Layered Image Build System. These images can immediately be pulled via a docker pull candidate-registry.fedoraproject.org/$FGC/$NAME:latest.

Gated releases will happen on a Two Week Cadence, alternating with the Fedora Two Week Atomic Host.

Registry Layout

Fedora Base Images will be available at the "root" namespace of the registry, an example is below:

Fedora Layered Images will be available in their respective $FGC namespace which coorelates to their DistGit branch and Koji tag. An example is as follows for the f25 Fedora Generational Core and the cockpit container image.

There are multiple tags applied to each image:

$FGC/Name:Version-Release (including $DISTTAG)

$FGC/Name:Version

$FGC/Name:latest

The :latest tag can be omitted when issuing a docker pull command.

The latter two tags are updated in-place and a new execution of docker pull will get the latest image.

Searching the Registry

At the time of this writing there is no search functinality for the Docker Registry but we will release a manifest of all available stable Docker Layered Images in the Fedora Docker Registry as Layered Images become available for release. We aim to change this in the future and provide search functionality to users.

Container Guidelines

The Container Guidelines are a collection of common issues and the severity that should be placed on them. While these guidelines should not be ignored, they should also not be blindly followed. If you think that your container should be exempt from part of the Guidelines, please bring the issue to the Fedora Container Committee (Pending Existence). In the absence of a Fedora Container Committee, please seek guidance from the Fedora Cloud SIG.

Docker Containers (Dockerfile)

Docker images are built using a Dockerfile much in the same way an RPM is built using a spec file. In this section are Fedora Guidelines for creating Docker images using a Dockerfile.

These LABELs should be defined in a single line of the Dockerfile such that they don't each lead to another layer in the build. The following is a very simple Dockerfile example containing the required LABELs:

A recommended pattern is to define these items as ENV variables such that they can be used elsewhere, also note the $FGC and $DISTTAG.

$DISTTAG is defined just as it is for RPMs, but since Dockerfiles lack a mechanism similar to RPM Macros this is being stored in the base image such that it can be inherited by layered images.

By following the pattern below, we can define the container specific information in one place on the ENV line and have it be set properly in the LABEL line (again, noting the $FGC and $DISTTAG being used but never defined as these are inherited).

Content

Dockerfiles in Fedora should not contain net new code. The meaning of this is that software should be packaged properly as RPMs and placed in the Fedora repositories, Dockerfiles are simply a deliver mechanism for pre-defined "ready to run" configurations. This can be achieved as an Atomic App or similar. Any content that is to accompany the Dockerfile must either be configuration files or startup/orchestration scripts. The goal of this is such that we follow the key points of the Fedora Release Engineering Philosophy.

These types of multi-container services should be documented in such a way that users can adapt them to their needs. One example would be using the Project Atomicnulecule specification.

FutureIn the future there will be an user facing outlet such that this information can be index and searched so that it's easy for users to consume this content. Our long term Fedora Docker Registry goals are still in development

Discussion

For suggestions, feedback, or to report issues with this page please contact the Fedora Cloud SIG.